Electronically Stored Information The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval Second Edition OTHER TITLES FROM AUERBACH PUBLICATIONS AND CRC PRESS A Comprehensive Look at Fraud Knowledge Discovery Process and Identification and Prevention Methods to Enhance Organizational James R. Youngblood Performance ISBN 978-1-4987-0032-0 Kweku-Muata Osei-Bryson and Corlane Barclay Analytical Evaluation of Nonlinear ISBN 978-1-4822-1236-5 Distortion Effects on Multicarrier Signals Theresa Araújo and Rui Dinis Lean for the Long Term: Sustainment ISBN 978-1-4822-1594-6 is a Myth, Transformation is Reality Cognitive Radio Networks: Efficient William H. Baker, Jr. and Kenneth Rolfes Resource Allocation in Cooperative ISBN 978-1-4822-5716-8 Sensing, Cellular Communications, Odyssey—The Business of Consulting: High-Speed Vehicles, and Smart Grid How to Build, Grow, and Transform Tao Jiang, Zhiqiang Wang, and Yang Cao Your Consulting Business ISBN 978-1-4987-2113-4 Imelda K. Butler and Shayne Tracy Configuration Management: Theory, ISBN 978-1-4987-2912-3 Practice, and Application Securing Systems: Applied Security Jon M. Quigley and Kim L. Robertson Architecture and Threat Models ISBN 978-1-4822-2935-6 Brook S. E. Schoenfield Corporate Security Intelligence and ISBN 978-1-4822-3397-1 Strategic Decision Making Simple Statistical Methods for Software Justin Crump Engineering: Data and Patterns ISBN 978-1-4665-9270-4 C. Ravindranath Pandian Cybersecurity: Protecting Critical and Murali Kumar Infrastructures from Cyber Attack and ISBN 978-1-4398-1661-5 Cyber Warfare Edited by Thomas A. Johnson The International Manager: ISBN 978-1-4822-3922-5 A Guide for Communicating, Cooperating, and Negotiating with Design Science Research Methods and Worldwide Colleagues Patterns: Innovating Information and Frank Garten Communication Technology, 2nd Edition ISBN 978-1-4987-0458-8 Vijay K. Vaishnavi and William Kuechler ISBN 978-1-4987-1525-6 The “Success or Die” Ultimatum: Saving Companies with Blended, Directing the ERP Implementation: A Long-Term Improvement Formulas Best Practice Guide to Avoiding Program Steven Borris and Daniel Borris Failure Traps While Tuning System ISBN 978-1-4822-9903-8 Performance Michael W. Pelphrey Transforming Business with Program ISBN 978-1-4822-4841-8 Management: Integrating Strategy, Emerging Technologies in Healthcare People, Process, Technology, Structure, Suzanne Moss Richins and Measurement ISBN 978-1-4822-6262-9 Satish P. Subramanian ISBN 978-1-4665-9099-1 Human–Computer Interaction: Fundamentals and Practice Web Security: A WhiteHat Perspective Gerard Jounghyun Kim Hanqing Wu and Liz Zhao ISBN 978-1-4822-3389-6 ISBN 978-1-4665-9261-2 Electronically Stored Information The Complete Guide to Management, Understanding, Acquisition, Storage, Search, and Retrieval Second Edition David R. Matthews CRC Press Taylor & Francis Group 6000 Broken Sound Parkway NW, Suite 300 Boca Raton, FL 33487-2742 © 2016 by Taylor & Francis Group, LLC CRC Press is an imprint of Taylor & Francis Group, an Informa business No claim to original U.S. Government works Printed on acid-free paper Version Date: 20160120 International Standard Book Number-13: 978-1-4987-3958-0 (Hardback) This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmit- ted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, please access www.copyright. com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe. Library of Congress Cataloging‑in‑Publication Data Names: Matthews, David R., author. Title: Electronically stored information : the complete guide to management, understanding, acquisition, storage, search, and retrieval / David R. Matthews. Description: Second edition. | Boca Raton : Taylor & Francis, 2016. | Includes bibliographical references and index. Identifiers: LCCN 2016002528 | ISBN 9781498739580 (hard cover : alk. paper) Subjects: LCSH: Electronic discovery (Law)--United States. | Electronic records--Law and legislation--United States. | Electronic data processing--United States. | Electronic data processing--Management. Classification: LCC KF8902.E42 M38 2016 | DDC 005.7068--dc23 LC record available at http://lccn.loc.gov/2016002528 Visit the Taylor & Francis Web site at http://www.taylorandfrancis.com and the CRC Press Web site at http://www.crcpress.com Contents FOREWORD ix PREFACE xi ACKNOWLEDGMENTS xiii AUTHOR xv CHAPTER 1 WHAT IS ELECTRONIC INFORMATION, AND WHY SHOULD YOU CARE? 1 1.1 Introduction 1 1.2 Electronically Stored Information and the Federal Rules of Civil Procedure 1 1.2.1 Changes to the Federal Rules of Civil Procedure 3 1.2.1.1 Rule 1: Scope and Purpose 3 1.2.1.2 Rule 16(b)(5) and (6): Pretrial Conferences; Scheduling Management 3 1.2.1.3 Rule 26 4 1.2.1.4 Rule 37 Safe Harbor 11 1.2.1.5 Rule 34(b) Producing Documents Procedures 13 1.2.1.6 Rule 33(d) Interrogatories to Parties 15 1.2.1.7 Rule 45 Subpoena 15 1.2.1.8 Form 35 15 1.2.2 Federal Rules of Evidence 16 1.2.2.1 FRE 502 17 1.2.2.2 FRE 901 17 1.2.2.3 FRE 802 18 V VI CONTENTS 1.2.3 Case Law Examples 18 1.2.3.1 Social Media Cases 20 1.2.3.2 Spoliation Cases 23 1.2.3.3 Rulings of Judge Scheindlin: Zubulake, Pension, and National Day Labor 29 1.2.3.4 Reasonably Accessible Cases 36 1.2.3.5 Metadata Cases 40 1.2.3.6 Claw-Back and Privilege Cases 41 1.2.3.7 Preservation/Production Cases 44 1.2.3.8 Attorney Competence Cases 48 1.2.4 Other Federal Rules That Affect Electronic Data 49 1.3 Problems with ESI as Discoverable Evidence 50 1.4 Why and How This Affects the Practice of Law 55 1.5 How This Affects Business Organizations 59 1.6 Effects on Government Entities 60 1.7 What This Might Mean to You as an Individual 60 CHAPTER 2 TRANSLATING GEEK: INFORMATION TECHNOLOGY VERSUS EVERYONE ELSE 63 2.1 Introduction 63 2.2 Role of IT 63 2.3 Information Technologist’s Perspective 72 2.4 Information Technology as an Ally 76 2.5 Translating Geek 77 CHAPTER 3 WHERE IS ELECTRONICALLY STORED INFORMATION? IT’S EVERYWHERE! 79 3.1 Introduction 79 3.2 Basics 80 3.3 Database Systems 87 3.4 E-Mail Systems 91 3.5 File and Print Servers 94 3.6 Instant Messaging Services 99 3.7 Mobile Devices 101 3.8 Physical Access Records 105 3.9 Telecommunications 109 3.10 Cellular Devices 119 3.11 Digital Video 126 3.12 Internet or Online Data 130 3.13 Storage Media 144 3.14 Internet of Things (IOT) or of Everything (IOE) 147 3.15 Event and System Logs 148 3.16 Desktop Computer Facts 149 3.17 Metadata and Other Nonapparent Data 154 3.18 Conclusion 157 CONTENTS VII CHAPTER 4 WHO’S IN CHARGE HERE? ALLIES, OWNERS, AND STAKEHOLDERS 159 4.1 Introduction 159 4.2 The (Long) List of Stakeholders 159 4.2.1 Information Technology Professionals 159 4.2.2 Legal Staff 162 4.2.3 Records Managers 163 4.2.4 Auditors 163 4.2.5 Human Resources 164 4.2.6 Department Heads, Vice Presidents, and Executives 164 4.2.7 Physical and Information Security Personnel 165 4.3 Ownership of Data 165 4.4 Data Control Considerations 170 4.5 Required Skill Sets and Tools 173 CHAPTER 5 THE HUNT: RECOVERY AND ACQUISITION 177 5.1 Introduction 177 5.2 Where, Oh Where, Has My Data Gone? 178 5.2.1 Applications as a Vital User Interface 178 5.2.2 Hidden or Restricted Access Data 183 5.2.3 Encrypted Data 188 5.2.4 Deleted or Corrupted Data 190 5.2.5 Proprietary Data or Data Stored on Obsolete Media 191 5.3 Privileged, Sensitive, and Inaccessible Data Management 196 5.4 Proving Ownership and Integrity 203 5.5 Marking Time: How Time Is Recorded and Ensuring Integrity 211 5.6 Legal and Forensically Sound Acquisition 215 CHAPTER 6 KEEPING YOUR TREASURES: PRESERVATION AND MANAGEMENT 223 6.1 Introduction 223 6.2 Securing the Data 223 6.3 Access Control and Management 226 6.4 Organization and File Management Techniques 232 6.4.1 Day-to-Day Organization 232 6.4.2 Management of Data over Time 236 6.4.3 Response to Litigation or Audits 238 6.5 Safe Storage Issues and Considerations 241 6.6 Litigation Hold 246 6.7 Spoliation: The Loss of Relevant Data 248 6.8 Automated Technical Solutions 250 VIII CONTENTS CHAPTER 7 SHARING IS GOOD: DISSEMINATION AND REPORTING 255 7.1 Introduction 255 7.2 Format Issues: Original or Usable? 255 7.3 Mediums for Transfer 259 7.4 Creating Readable Reports 261 7.5 Tips for Depositions and Expert Witness 264 7.6 Conclusion 266 APPENDIX I: LINKS AND REFERENCES FOR MORE INFORMATION 267 APPENDIX II: FORMS AND GUIDES 273 APPENDIX III: LINKS TO TECHNICAL SOFTWARE SOLUTIONS 291 INDEX 293 Foreword Matthews h as a pproached e- discovery f rom a f resh, n ew perspective—one that is understandable to the layperson as well as the technologist. Electronically S tored I nformation: The C omplete G uide t o Management, Understanding, Acquisition, Storage, Search, and R etrieval will guarantee that you know more about e-discovery than you thought possible. A must read for anyone in the information technology and legal professions, the book provides invaluable information to be proactive or reactive in responding to requests of electronically stored information. The flow of the book from the first chapter to the last is clear, simple, and thorough—any attorney who desires to become a technically savvy advo- cate for his or her corporate legal department or law firm will have this book at hand. This book goes a long way in removing the intimidation fac- tor between IT, the corporate legal department, and outside counsel. This book should be required reading for anyone in a computer science, infor- mation technology, or law-related program, and is now part of the Digital Forensics and the Law course I instruct. If you want to get up to speed on e-discovery and actually understand what you read, you’ll buy this book. Steve Hailey President/CEO CyberSecurity Institute Digital Forensic Examiner and Educator IX
Description: